From: Igor Mammedov <imammedo@redhat.com>
To: linux-kernel@vger.kernel.org
Cc: imammedo@redhat.com, kamezawa.hiroyu@jp.fujitsu.com,
        balbir@linux.vnet.ibm.com, akpm@linux-foundation.org
Subject: [PATCH] memcg: do not expose uninitialized mem_cgroup_per_node to world
Date: Wed,  1 Jun 2011 12:44:04 +0200
Message-Id: <1306925044-2828-1-git-send-email-imammedo@redhat.com>
Sender: linux-kernel-owner@vger.kernel.org
Content-Length: 1347
Lines: 41

Freshly allocated 'mem_cgroup_per_node' list entries must be
initialized before the rest of the kernel can see them. Otherwise
zero initialized list fields can lead to race condition at
mem_cgroup_force_empty_list:
  pc = list_entry(list->prev, struct page_cgroup, lru);
where 'pc' will be something like 0xfffffffc if list->prev is 0
and cause page fault later when 'pc' is dereferenced.

Signed-off-by: Igor Mammedov <imammedo@redhat.com>
---
 mm/memcontrol.c |    2 +-
 1 files changed, 1 insertions(+), 1 deletions(-)

diff --git a/mm/memcontrol.c b/mm/memcontrol.c
index bd9052a..ee7cb4c 100644
--- a/mm/memcontrol.c
+++ b/mm/memcontrol.c
@@ -4707,7 +4707,6 @@ static int alloc_mem_cgroup_per_zone_info(struct mem_cgroup *mem, int node)
 	if (!pn)
 		return 1;
 
-	mem->info.nodeinfo[node] = pn;
 	for (zone = 0; zone < MAX_NR_ZONES; zone++) {
 		mz = &pn->zoneinfo[zone];
 		for_each_lru(l)
@@ -4716,6 +4715,7 @@ static int alloc_mem_cgroup_per_zone_info(struct mem_cgroup *mem, int node)
 		mz->on_tree = false;
 		mz->mem = mem;
 	}
+	mem->info.nodeinfo[node] = pn;
 	return 0;
 }
 
-- 
1.7.1

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/